GNOME Bugzilla – Bug 151999
allocation of unpageable memory
Last modified: 2011-02-18 16:14:11 UTC
I would like to propose the introduction of a set of functions to allocate or free a chunk of unswappable memory, e.g.

    gpointer g_malloc_locked(gulong n_bytes, GError ** error);
    gpointer g_malloc0_locked(gulong n_bytes, GError ** error);
    gpointer g_free_locked(GError ** error);

etc. The main use for such chunks of memory is for routines which require a high level of security, e.g. for processing GnuPG passphrases which must not be leaked to swap space. Of course, an application using this feature must be suid root.

After the allocation of the memory using the g_malloc*locked family of calls, it should be protected from being paged by calling mlock() on Posix/SysV systems. If this fails (e.g. as the application does not have proper permissions), an error should be returned.

When calling g_free_locked, the chunk of memory should first be overwritten with random data and/or a pattern to prevent any leak of information.

The pinentry application which is part of the Aegypten project provides a set of such calls (based upon their own "memory management", though). Please see [1] for details.

[1] http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/pinentry/secmem/secmem.c?cvsroot=Project+Aegypten
Fairly special-case, I'd say just use mlock directly.
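
What the behaviour requested in the report looks like when written against mlock() directly, as the reply suggests. This is an added example, not code from GLib, pinentry or either poster; the names locked_alloc0, locked_free and wipe are hypothetical, and it assumes a POSIX system with anonymous mmap(), using a zero pattern for the overwrite.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/mman.h>
#include <unistd.h>

/* Header at the start of the mapping so locked_free() knows the sizes. */
struct locked_hdr { size_t map_len; size_t user_len; };

/* Overwrite through a volatile pointer so the compiler cannot drop the stores. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Returns zeroed, mlock()ed memory, or NULL with errno set (for example
 * EPERM or ENOMEM when privileges or RLIMIT_MEMLOCK do not allow locking). */
void *locked_alloc0(size_t n_bytes)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || n_bytes > SIZE_MAX - sizeof(struct locked_hdr) - (size_t)page) {
        errno = ENOMEM;
        return NULL;
    }
    /* Whole private pages: locking or unlocking never touches other data. */
    size_t need = n_bytes + sizeof(struct locked_hdr);
    size_t map_len = (need + (size_t)page - 1) / (size_t)page * (size_t)page;
    void *m = mmap(NULL, map_len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return NULL;
    if (mlock(m, map_len) != 0) {          /* refuse to hand out pageable memory */
        int saved = errno;
        munmap(m, map_len);
        errno = saved;
        return NULL;
    }
    struct locked_hdr *h = m;
    h->map_len = map_len;
    h->user_len = n_bytes;
    return h + 1;
}

/* Wipes the caller's bytes while still locked, then unlocks and unmaps. */
void locked_free(void *p)
{
    if (!p) return;
    struct locked_hdr *h = (struct locked_hdr *)p - 1;
    size_t map_len = h->map_len;
    wipe(p, h->user_len);
    munlock(h, map_len);
    munmap(h, map_len);
}
```

Each allocation costs at least one page, so this suits a handful of passphrase-sized buffers rather than general-purpose allocation.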